package com.gupao.orderssoclient.interceptor;

import com.gupao.orderssoclient.util.HttpUtil;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * 每个子系统中都需要写一套拦截流程吗？ 不合适怎么办？
 *  做成jar包可以吗？ 似乎可行
 */
public class SessionInterceptor extends HandlerInterceptorAdapter {


    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        System.out.println("I'm here");
        HttpSession session =request.getSession(false);
        if (session!=null&&session.getAttribute("login").equals("login")) {
            return true;
        }

        String token = request.getParameter("token");
        if (token != null) {
            String reqUrl = "http://www.sso.com:8090/checkToken";
            String content = "token=" + token;
            String result = HttpUtil.sendReq(reqUrl, content);
            if ("correct".equals(result)) {
                request.getSession().setAttribute("login", "login");
                return true;
            }
        }


        response.sendRedirect("http://www.sso.com:8090/preLogin?url=www.order.com:8082/order/wel");
        return false;
    }
}


























